using suexec and suphp and pspsuexec.

Hi Folks. I have some basic questions about using the suexec and suphp functions. I have been having periodic problems with script kiddies exploiting some weak scripts on my machine. I can identify the offending processes and stop them, then find some files that were put into /tmp and get rid of them, but the problem is that I can't drill down through the logs and find out exactly which user account was causing the weakness or the problem. Everything has a record of "nobody".

Now I have done some reading and research and I believe that suexec and suphp will wrap these rogue scripts and make them be more identifiable. I guess the biggest question that I have is, if I hadn't set up suexec or suphp from the beginning, will all of my Perl and PHP scripts break as soon as I implement suexec/suphp? I had been hesitant in the past because I have a lot of existing scripts and not a lot of time to do troubleshooting for broken scripts on every site that I administer. Is it really going to be that bad?

Any other advice anyone might have on this topic would be greatly appreciated. Thanks.


For SuExec, I haven't really heard anything bad about it to be honest. If anyone has any horror stories of Perl scripts breaking because of SuExec, please share.

As for SuPHP, PHP scripts that are chmod 777 will generate HTTP 500 errors. This is due to 777 being insecure permissions, and unnecessary under SuPHP. So you may run into the issue of telling users to chmod their PHP scripts to 755 from 777 even after the initial enabling of SuPHP.

Some custom coders of PHP that have reseller accounts may become annoyed they can't have a repository of scripts on one site and share that among all their cPanel accounts. However, only custom coders will encounter this issue and they can just as easily modify their scripts to deal with these constraints. What I do is edit my PHP scripts so they return the value of whatever function as plain text (almost like AJAX) and then load the results of that into a buffer for processing.
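An added example, not part of the original thread: a pre-flight audit that lists the PHP scripts which would start returning HTTP 500 under SuPHP because of loose permissions, so they can be fixed before the switch. It assumes SuPHP is left at its default of refusing anything writable by group or others (which covers 777 and also modes such as 775 or 666), and that directories are held to the same rule; the function names and the path in the usage line are hypothetical.

```shell
#!/bin/sh
# Added example: audit script permissions before enabling SuPHP.
# Assumption: SuPHP runs with its default policy, which rejects scripts
# (and script directories) that are writable by group or others.

# list_loose_php ROOT
#   Prints "file <path>" for each *.php under ROOT with a group- or
#   world-write bit set, and "dir <path>" for each such directory.
#   -perm -020 / -perm -002 are the POSIX forms for "this bit is set".
list_loose_php() {
    find "$1" -type f -name '*.php' \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/file /'
    find "$1" -type d \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/dir /'
}

# tighten_php ROOT
#   Removes only the group/other write bits from the flagged PHP files,
#   so 777 becomes 755 and 666 becomes 644. Directories are reported by
#   list_loose_php but left alone here, since changing them can affect
#   upload or cache paths and deserves a manual look.
tighten_php() {
    find "$1" -type f -name '*.php' \( -perm -020 -o -perm -002 \) \
        -exec chmod go-w {} +
}

# Stand-alone use: sh audit.sh /home/exampleuser/public_html
if [ "$#" -gt 0 ]; then
    list_loose_php "$1"
fi
```

Running the listing per account before enabling SuPHP gives a concrete count of scripts that need attention, rather than discovering them from 500 errors afterwards.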
